Alternatives and similar repositories for blueprint-securesoftwarepipeline

Users that are interested in blueprint-securesoftwarepipeline are comparing it to the libraries listed below

• deislabs / image-layer-provenance

  View on GitHub
  Container image provenance spec that allows tracing CVEs detected in registry images back to a CVE's source of origin.
  ☆45Oct 30, 2023Updated 2 years ago
• luhring / example-container-image-supply-chain-security

  View on GitHub
  Example repository that demonstrates a supply chain security workflow using Syft, Grype, Cosign
  ☆12Sep 15, 2021Updated 4 years ago
• Venafi / venafips

  View on GitHub
  Powershell module to fully automate your CyberArk Certificate Manager Self-Hosted and SaaS (Venafi TLS Protect Datacenter and Cloud) plat…
  ☆42Feb 5, 2026Updated last week
• mattmoor / zero-friction-actions

  View on GitHub
  An example repo demonstrating keyless signing with Github Actions
  ☆11May 24, 2022Updated 3 years ago
• philips-labs / fatt

  View on GitHub
  fatt tries to find any purl in your project by looking at predefined fields in the supported packages. These fields describe using a purl…
  ☆11Jan 26, 2026Updated 2 weeks ago
• testifysec / witness-examples

  View on GitHub
  Witness Examples
  ☆12Feb 27, 2024Updated last year
• shelmangroup / distroless-k8s

  View on GitHub
  Kubernetes tools in a "distroless" container
  ☆13Oct 30, 2023Updated 2 years ago
• testifysec / go-ima

  View on GitHub
  go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems
  ☆13Sep 28, 2023Updated 2 years ago
• nais / salsa

  View on GitHub
  SLSA level 3 action
  ☆11Apr 26, 2024Updated last year
• morningspace / kubemacro

  View on GitHub
  A kubectl plugin to run kubectl macro that wraps a set of kubectl calls into one command to be run many times.
  ☆11Jun 28, 2021Updated 4 years ago
• dekkagaijin / spiffe-sigstore-tutorial

  View on GitHub
  ☆11Nov 11, 2022Updated 3 years ago
• kusaridev / spector

  View on GitHub
  Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
  ☆33Apr 22, 2025Updated 9 months ago
• ruanbekker / loki-docker-nginx-example

  View on GitHub
  ☆13Oct 27, 2020Updated 5 years ago
• oss-review-toolkit / ort-ci-gitlab

  View on GitHub
  Use ORT in your GitLab pipelines
  ☆15Nov 11, 2025Updated 3 months ago
• mathieu-benoit / istio-gatekeeper-demos

  View on GitHub
  Demos and resources of the Istio + Gatekeeper talks at IstioCon 2022 and GitOpsCon 2022
  ☆14Sep 4, 2023Updated 2 years ago
• Van-Hoang-Kha / AWS-Cloud-Quest-Cloud-Practitioner

  View on GitHub
  AWS Cloud Quest: Cloud Practitioner
  ☆24Apr 8, 2022Updated 3 years ago
• philips-labs / dct-notary-admin

  View on GitHub
  To manage Docker Content Trust and Notary certificates
  ☆13Updated this week
• chainguard-dev / image-comparison

  View on GitHub
  Comparison of Chainguard Images to others
  ☆21Updated this week
• philips-labs / helm-charts

  View on GitHub
  Overview of philips-labs helm charts
  ☆17Jan 27, 2026Updated 2 weeks ago
• Azure-Samples / dapr-store

  View on GitHub
  Sample application showcasing the use of Dapr to build microservices based apps
  ☆15Feb 4, 2026Updated last week
• Venafi / vcert

  View on GitHub
  Go client SDK and command line utility designed to simplify integrations by automating key generation and certificate enrollment using Ve…
  ☆103Updated this week
• RyPeck / aws_managed_policies

  View on GitHub
  AWS managed IAM policies
  ☆16Mar 24, 2022Updated 3 years ago
• cloud-native-security-controls / controls-catalog

  View on GitHub
  ☆16May 15, 2024Updated last year
• gdbarron / VenafiTppPS

  View on GitHub
  Deprecated, see VenafiPS project. PowerShell module to access the features of Venafi Trust Protection Platform REST API
  ☆18Nov 29, 2021Updated 4 years ago
• wardviaene / golang-demos

  View on GitHub
  ☆18Apr 29, 2024Updated last year
• in-toto / attestation-verifier

  View on GitHub
  Prototype in-toto attestation verifier based on ITE-10 and ITE-11 layouts
  ☆18Feb 6, 2026Updated last week
• in-toto / friends

  View on GitHub
  Friends of in-toto! A place to record integrations and adoptions of the in-toto specification.
  ☆20Updated this week
• boxboat / dockhand-secrets-operator

  View on GitHub
  Simplify Kubernetes Secrets Management with Dockhand Secrets Operator
  ☆18Nov 24, 2025Updated 2 months ago
• wolfi-dev / tools

  View on GitHub
  Various tools, images, etc. to support the Wolfi OSS project
  ☆27Updated this week
• MChorfa / awesome-cnab

  View on GitHub
  A curated list of awesome CNAB (Cloud Native Applications Bundles) | https://cnab.io/
  ☆16Dec 17, 2020Updated 5 years ago
• chainguard-dev / cosign-ecs-verify

  View on GitHub
  Lambda function for verifying signed images in ECS
  ☆36Mar 9, 2024Updated last year
• buildsec / frsca

  View on GitHub
  ☆255Updated this week
• sigstore / scaffolding

  View on GitHub
  Stuff to make standing up sigstore (esp. for testing) easier for e2e/integration testing.
  ☆71Feb 6, 2026Updated last week
• tuananh / how-small-can-it-be

  View on GitHub
  How small can a Java application container image be
  ☆21Feb 17, 2023Updated 2 years ago
• chainguard-images / actions

  View on GitHub
  GitHub actions for the chainguard-images
  ☆21Updated this week
• in-toto / go-witness

  View on GitHub
  Go implementation of witness
  ☆44Updated this week
• secure-systems-lab / dsse

  View on GitHub
  A specification for signing methods and formats used by Secure Systems Lab projects.
  ☆94Nov 10, 2025Updated 3 months ago
• mlieberman85 / supply-chain-examples

  View on GitHub
  ☆23Oct 26, 2021Updated 4 years ago
• sigstore / cosign-gatekeeper-provider

  View on GitHub
  🔮 ✈️ to integrate OPA Gatekeeper's new ExternalData feature with cosign to determine whether the images are valid by verifying their sig…
  ☆79Dec 4, 2025Updated 2 months ago